The Critical Security Controls – Control 3

Control 3: A Framework for an Offense-informed Defense As we discussed in our earlier blog posts on the 20 Critical Security Controls, they provide an offense-informs-defense framework through which an organization can effectively defend against cyberattacks.  In this installment, we’re examining Control Three. This control is a ‘Basic control’ and represents one which every organization,…

RSA: and it Begins

RSA Day 1:        4-16-18 Each year, the cybersecurity world converges on San Francisco for a week to collectively advance the state of security. Over 50,000 professionals come together to make the RSA Conference one of the largest gatherings of its kind. The unique value of this gathering is derived both through the…

The Critical Security Controls – Control 2

Control 2:  A Framework for an Offense-informed Defense As we discussed in our earlier blog post the 20 Critical Security Controls provide a framework in which an organization’s defense can be informed by offensive techniques. We’ve related this to how law enforcement have used successful financial crimes to inform the defense of the financial sector.…

The Critical Security Controls – Control 1

Control 1:  A Framework for an Offense-informed Defense   As we discussed in our earlier blog post concerning the cybersecurity landscape and making sense of it, the banking industry has evolved and adapted their business in fundamental ways to mitigate the threats naturally encountered in day-to-day operations. This ranges from architectural changes of bank branches,…

Cyber security = Cyber Defense = Cyber-chaos

Breaking through the noise: Cyber security = Cyber Defense = Cyber-chaos   It seems that every professional association, organization, or group has their own definition of CyberSecurity and a corresponding checklist to implement foolproof IT security. If it were really that easy, we assert that Target, JP Morgan, CIA, DOE, DOJ, and nearly every major…

“Can I Buy A Bitcoin From You?”

“Can I buy a bitcoin from you?”  This is often how the conversation begins when we’re contacted by business owners that have been hit with a ransomware attack. As one of the leading Crypto-ransomware incident response organizations in the southeast, we unfortunately get asked this question on a regular basis. Every time we’re asked this,…

Humans, They’re so much trouble!

Modern cybercriminals – Hackers – use numerous clever ways to attack businesses – from technical attacks to social engineering. In our capacity as a Cyber Incident Response organization, we are witnesses to the ingenuity and thought used by attackers in their criminal pursuits. Often, the weakest point in an organization’s armor are the humans who…